Tag: website

Some common tactics are: “What’s your account password, so I can check your account for fraud?” The only “tell” is a URL that points back to blackrockesg.com rather than the real BlackRock web address — blackrock.com. Every other link on the spoofed website, including references to Fink’s past investor letters, leads back to the real BlackRock website. The original email purporting to be from Fink was long, detailed and included the corporate-speak so common in real investor letters. It was not

Social engineering is a catch-all term used in cybersecurity to mean the practice of making you feel like you need to do something that is in the best interest of the social engineer, who is often a criminal.

Great social engineering can make you feel like you urgently need to send someone money, or lull you into a sense of security by convincing you a friend, colleague or professional is asking you a simple question.

Some common tactics are: “What’s your account password, so I can check your account for fraud?” or “Can you send your latest tax return so we can finish processing your application?” Social engineers essentially find an emotional hook — your desire to help, your willingness to not create friction or, in this case, the desire of most journalists to be the first to jump on a good story.

The attackers in this case were quite sophisticated. They created a web and email presence almost indistinguishable from the real thing.

The website created by the spoofers is quite detailed. The only “tell” is a URL that points back to blackrockesg.com rather than the real BlackRock web address — blackrock.com. Every other link on the spoofed website, including references to Fink’s past investor letters, leads back to the real BlackRock website.

The original email purporting to be from Fink was long, detailed and included the corporate-speak so common in real investor letters. The spoofers also anticipated a quick denial, and already had a fake press release prepared that itself took subtle digs at the hedge fund, implying it wouldn’t take the suggested pro-environmental stance because it wasn’t good for “profitability.”

“With climatic threats positioned to destabilize markets at ever greater levels in 2019 and beyond, BlackRock is determined to take a leadership role in building a Paris-compliant economy,” the fake letter read. “We will begin this work by divesting from coal companies in our actively managed funds. Within 5 years, more than 90% of our 1000+ investment products will be converted to screen out non-Paris compliant companies such as coal, oil, and gas, which we see as declining and endangered.”

It was not immediately clear who was hosting the spoofed website, and BlackRock could not be reached for comment on whether they were working to have the site removed.

There was ‘frustration’ in Kim Jong Un’s message: Expert 4:50 AM ET Wed, 2 Jan 2019 | 03:00But to do so, Pyongyang needs help from its rich neighbors. The nuclear-armed nation is seeking more than $7.7 million in investment, the Seoul-based online newspaper NK News reported last month, citing information from a website run by North Korea’s foreign trade ministry. Xi’s Belt and Road project offers the perfect answer to those needs. Pyongyang “would love to be part of Belt and Road,” Dane Chamorro

But to do so, Pyongyang needs help from its rich neighbors. The nuclear-armed nation is seeking more than $7.7 million in investment, the Seoul-based online newspaper NK News reported last month, citing information from a website run by North Korea’s foreign trade ministry.

Xi’s Belt and Road project offers the perfect answer to those needs. China has historically been Pyongyang’s largest trading partner.

Pyongyang “would love to be part of Belt and Road,” Dane Chamorro, a senior partner in the Asia Pacific division of Control Risks, a consulting firm specializing in politics told CNBC on Friday. Kim’s government is waiting for an invitation so his country can get assistance on the construction of railway links and ports and other facilities, Chamorro said.

Beijing also seems keen on Pyongyang’s inclusion, with the Chinese government inviting a North Korean delegation to attend a Belt and Road summit in 2017 — but it’s unlikely to take any action for now.

Including Pyongyang in the BRI is “probably more trouble than it’s worth” at the present moment, said Mintaro Oba, a former U.S. State Department official who specialized in the Koreas during the administration of former President Barack Obama.

For one, sanctions still remain in place. Beijing, however, has called for those penalties to be eased.

IMDb, the film and TV website owned by Amazon, is launching a free streaming video channel that will be available in the U.S. on its website and Amazon Fire TV devices, the company announced Thursday. The streaming space is getting increasingly crowded as even legacy media players like Disney have announced plans to create their own services. Apple, AT&T and others are also planning to launch streaming video services this year. Equally competitive is the streaming device space, where Amazon Fire

IMDb, the film and TV website owned by Amazon, is launching a free streaming video channel that will be available in the U.S. on its website and Amazon Fire TV devices, the company announced Thursday. Unlike streaming services such as Netflix and Prime Video, IMDb Freedive does not require a subscription, and is instead supported by ads, according to a press release.

The streaming space is getting increasingly crowded as even legacy media players like Disney have announced plans to create their own services. Apple, AT&T and others are also planning to launch streaming video services this year. But IMDb’s ad-based model could make it attractive to consumers who want to watch movies and TV shows without locking into a subscription service.

Equally competitive is the streaming device space, where Amazon Fire TV rivals Roku and Google Chromecast. These devices let customers stream content on their TV. Roku skyrocketed 25 percent earlier this week after releasing strong active user numbers, only to pare gains the next day when Citron Research warned of the competitive landscape, including a recent deal where Apple will offer content from iTunes on some Samsung TVs. Offering this free service on Amazon’s Fire TV devices may be appealing to some customers, and it may become available on other devices in the near future.

IMDb said the service will soon be “available more widely, including on IMDb’s leading mobile apps,” but did not specify where it will be available.

IMDb Freedive includes some big names like TV shows “The Bachelor” and “Heroes” as well as movies like “Awakenings” and “The Illusionist,” according to the press release. Previously, the site offered short-form original series along with trailers and interviews with celebrities.

If you’re a federal employee, you probably rang in the New Year worrying about whether you will get paid. That is because a partial government shutdown started at midnight on Dec. 22. Approximately 800,000 federal workers are currently in financial limbo as politicians in Washington struggle to come to an agreement on U.S. border protections. If you live in certain states, your chances of being one of those employees working without pay or furloughed are greater. That is according to a new study

If you’re a federal employee, you probably rang in the New Year worrying about whether you will get paid.

That is because a partial government shutdown started at midnight on Dec. 22. As of Jan. 3, the closure reached the 13-day mark. The longest government shutdown lasted 21 days, under President Bill Clinton.

Approximately 800,000 federal workers are currently in financial limbo as politicians in Washington struggle to come to an agreement on U.S. border protections.

If you live in certain states, your chances of being one of those employees working without pay or furloughed are greater.

That is according to a new study from personal finance website WalletHub, which ranked all 50 states and the District of Columbia.

China’s cyber watchdog on Wednesday issued new regulations for financial information on the internet, saying providers are not allowed to distort the interpretation of the country’s fiscal and monetary policies. Financial information providers are also not allowed to fabricate news or events that could move stock, fund, futures and foreign exchange markets, the Cyberspace Administration of China said (CAC) in a statement on its website.

China’s cyber watchdog on Wednesday issued new regulations for financial information on the internet, saying providers are not allowed to distort the interpretation of the country’s fiscal and monetary policies.

Financial information providers are also not allowed to fabricate news or events that could move stock, fund, futures and foreign exchange markets, the Cyberspace Administration of China said (CAC) in a statement on its website.

Sun Belt states such as Florida or Arizona may beckon some people in retirement, but fewer than you’d think. It turns out most people say they’d like to grow older at home, according to a study from Retirement Living, a website that aggregates retirement resources. Moving to an assisted living facility is a last resort. Just 30 percent of people are willing to consider a retirement home.

Criminals are currently exploiting a newly found flaw in several popular versions of Microsoft’s Internet Explorer browser, according to the company, security researchers at Google and the Department of Homeland Security. Attackers can use the vulnerability to gain broad access to computer systems, according to the U.S. Computer Emergency Response Team (CERT). The flaw works by driving users to an infected website via a fraudulent “phishing” email, according to the CERT. The flaw affects older I

Criminals are currently exploiting a newly found flaw in several popular versions of Microsoft’s Internet Explorer browser, according to the company, security researchers at Google and the Department of Homeland Security.

Attackers can use the vulnerability to gain broad access to computer systems, according to the U.S. Computer Emergency Response Team (CERT). The flaw works by driving users to an infected website via a fraudulent “phishing” email, according to the CERT. Once there, you unknowingly download malware that grants the attacker rights to any system you are able to access, according to Microsoft.

“An attacker could then install programs; view, change or delete data; or create new accounts with full user rights,” Microsoft said in an update on the vulnerability.

The issue is also significant because it comes as companies prepare for the weekend before Christmas, one of the busiest shopping days of the year, said Jason Escaravage, head of the commercial cybersecurity practice at consulting firm Booz Allen Hamilton.

“If I’m a bad guy, I would likely target a group of people at a company with a phishing campaign that, for instance, offers them 50% off with an online shopping platform,” he said. “Once they link to the [fraudulent] site, they can have their current session hijacked.”

Escaravage advised individuals to ensure their Internet Explorer browsers are updated, as well as other applications: “Make sure you are always operating on the latest version of anything that is touching the internet,” said Escravage. You should also be particularly mindful of phishing campaigns, especially those that may spoof popular retailers with holiday offers, he said.

Amid the explosion of e-commerce, shoppers are turning to online reviews instead of ads to decide what to buy. “The reality is with certain categories of product, buying out fake reviews is actually considered a marketing expense,” said Renee DiResta, director of research for cybersecurity firm New Knowledge. Amazon fans can look to websites like ReviewMeta or FakeSpot for estimates on how trustworthy a product’s reviews are. In some cases, legitimate reviews may be flagged or fake reviews could

Buyer, beware — that last-minute stocking stuffer from Amazon may not have earned its five-star rating legitimately.

Amid the explosion of e-commerce, shoppers are turning to online reviews instead of ads to decide what to buy. Fifty-five percent of people always use online ratings and reviews to inform their purchase decisions, according to a Better Business Bureau and Nielsen survey.

But sometimes those reviews are bought and paid for, just like advertising.

“The reality is with certain categories of product, buying out fake reviews is actually considered a marketing expense,” said Renee DiResta, director of research for cybersecurity firm New Knowledge.

The dominant e-commerce platform remains Amazon, which sells hundreds of millions of products, with more than half of items sold coming from third-party sellers. Shares of the e-commerce giant are up 40 percent this year, and the company’s market valuation briefly reached $1 trillion in September.

Top-rated products show up higher in search results on Amazon’s website and Google, which can mean a significant boost in sales for a seller with a top-rated listing.

Some merchants have turned to paying for positive reviews, especially ahead of major shopping days for Amazon, like Black Friday. And Amazon has struggled to catch them as they grow increasingly sophisticated in evading notice from the website and customers.

DiResta’s research found that the most likely offenders are sellers of generic products from no-name companies.

Amazon fans can look to websites like ReviewMeta or FakeSpot for estimates on how trustworthy a product’s reviews are. Both have their own Google Chrome extensions to make checking reviews even easier.

FakeSpot gives Amazon products a grade based on how trustworthy its reviews appear to an algorithm. The website also grades reviews from TripAdvisor, Yelp and Walmart.

ReviewMeta takes a different approach. Running an Amazon URL through the website generates a report with an overall grade, as well as an adjusted rating that removes reviews it deems “unnatural.”

A low grade from ReviewMeta or FakeSpot does not necessarily mean that the program captured every fake review. In some cases, legitimate reviews may be flagged or fake reviews could be missed.

To combat the problem, Amazon deletes reviews, products and even the accounts of suspect sellers and fake reviewers.

“We take this responsibility very seriously and defend the integrity of reviews by taking aggressive action to prevent abuse and protect customers from dishonest parties who are abusing the reviews system,” Amazon said in a statement to CNBC. “Customers can report suspicious reviews 24 hours a day, 7 days a week and we investigate each claim.”

In some cases, the e-commerce giant has used the legal system to curb the problem. It sued more than 1,000 people who used the freelancing platform Fiverr to find sellers willing to compensate them for reviews. Amazon has also filed suits against several third-party sellers.

DiResta discovered that sellers search for reviewers looking for free products and even extra cash in Facebook groups and Reddit posts. Merchants usually request to see the reviewer’s Amazon profile to make sure it appears legitimate, which usually means a profile picture and experience writing reviews spread out over a long span of time.

To avoid fraud detection, sellers would send DiResta a photo of their product, leaving her to track it down on Amazon. Some might even ask reviewers to leave the item on their wish list for a day or two to remain under the radar, she said.

Sellers also provide a discount code to reviewers, allowing them to purchase the product without paying. Because they bought it through Amazon, their post about the product will appear with a badge that says “verified purchase,” adding a sense of legitimacy to the review. DiResta also noted that many sellers requested reviewers to post photos of the product with the review.

ReviewMeta and FakeSpot still recommend reading over the reviews — with a few tips in mind.

One sign that potential buyers should look for is overly positive language that praises the company, FakeSpot CEO Saoud Khalifah said.

Khalifah also suggests looking at the dates of a product’s reviews. A large number in a few days is a red flag. Another warning signal is multiple posts from a reviewer for different products in a single day, he said.

Tommy Noonan, who operates ReviewMeta, says when you believe you have been fooled, you should message the seller and Amazon and consider returning the product.

Noonan warns that nobody can tell definitively what a fake review is, and even a listing with inauthentic reviews might still sell a product that works.

“Any seller that has any long-term goals in mind is going to try to provide a quality product and quality customer service,” he said.

WATCH:Here’s a look inside Amazon’s store that only sells its most popular products

A Chinese state-run newspaper lashed out at Canada on Sunday over the arrest of a top Huawei executive, saying it is bowing to pressure from the United States and likening her treatment to a “show trial” aimed at humiliating China for challenging the U.S. in global technology leadership. Justice authorities in Canada arrested Meng Wanzhou, Huawei’s chief financial officer and daughter of company founder Ren Zhengfei, on Dec. 1 in Vancouver, reportedly over alleged violations of U.S. sanctions on

A Chinese state-run newspaper lashed out at Canada on Sunday over the arrest of a top Huawei executive, saying it is bowing to pressure from the United States and likening her treatment to a “show trial” aimed at humiliating China for challenging the U.S. in global technology leadership.

Justice authorities in Canada arrested Meng Wanzhou, Huawei’s chief financial officer and daughter of company founder Ren Zhengfei, on Dec. 1 in Vancouver, reportedly over alleged violations of U.S. sanctions on Iran. Meng faces possible extradition to the U.S.

The detention comes within the broader context of the U.S.-China trade war and just as President Donald Trump and his Chinese counterpart Xi Jinping agreed to a 90-day truce at the G-20 Summit in Buenos Aires.

The English-language China Daily, in an editorial published Sunday on its website, accused Canada of detaining Meng for the sake of its relations with the U.S. The paper stressed that Washington maintains close intelligence ties with Ottawa under the “Five Eyes” sharing arrangement that also includes Britain, Australia and New Zealand.

Quora, the popular question-and-answer website, said Monday evening that hackers broke into one of its systems and compromised information from approximately 100 million users. CEO Adam D’Angelo said in a blog post the company discovered last week that a malicious third party had gained unauthorized access to one of its systems. Account information, including names, email addresses and encrypted passwords, may have been illegally accessed, according to the post. But the majority of the content t

Quora, the popular question-and-answer website, said Monday evening that hackers broke into one of its systems and compromised information from approximately 100 million users.

CEO Adam D’Angelo said in a blog post the company discovered last week that a malicious third party had gained unauthorized access to one of its systems.

Account information, including names, email addresses and encrypted passwords, may have been illegally accessed, according to the post. User-imported data from other social networks could also have been taken.

But the majority of the content the hackers accessed was already public on the site — such as questions, answers, and comments, D’Angelo wrote.

“We’re in the process of notifying users whose data has been compromised,” he said.